Try our new research platform with insights from 80,000+ expert users

ForgeRock vs Symantec Privileged Access Manager comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ForgeRock
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
30
Ranking in other categories
Identity Management (IM) (13th), Access Management (11th), Customer Identity and Access Management (CIAM) (6th)
Symantec Privileged Access ...
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
53
Ranking in other categories
Privileged Access Management (PAM) (18th)
 

Mindshare comparison

While both are Identity and Access Management solutions, they serve different purposes. ForgeRock is designed for Access Management and holds a mindshare of 7.2%, up 6.9% compared to last year.
Symantec Privileged Access Manager, on the other hand, focuses on Privileged Access Management (PAM), holds 1.6% mindshare, up 1.6% since last year.
Access Management
Privileged Access Management (PAM)
 

Featured Reviews

Ahmet Murat Ülker - PeerSpot reviewer
Easy to use, but customizations can be complicated to handle
I would suggest others use the product after asking them to consider their use cases. SSO may be a use case for some, and using the product as an IDM tool may be a use case. At the moment, my company is not deploying all the components of ForgeRock itself. My company uses ForgeRock for OAuth 2.0. For example, my company is not deploying the IDM and identity gateway components. You should consider your use case and select the required components for that use case. My company does not use the SSO features of the tool. My company uses SSO to access ForgeRock's AM Console for individual users. My company does not use single sign on features of the product and instead, we use Auth0. I rate the tool a seven or eight out of ten.
Muzi Lubisi - PeerSpot reviewer
Secure management of sensitive servers and seamless applications with direct linking
The credential injection feature is highly valued, particularly for RDP sessions. A majority of customers use it for RDP, and a couple for Linux servers. The broader capabilities, including access to multiple systems, web-based applications, and clustering, have never posed an issue. The threat analytics aspect is also a robust feature that analyzes all pertinent information.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like the way it is handling authentication and authorization."
"This is a stable solution. When you do experience any issues, you will see it in your DB logs or audit logs so you can easily reach a conclusion of might be causing it."
"The most valuable features are that it is easy to manage and it's stable."
"The support is good and prompt."
"We have found the identity and access management tools in the solution to be particularly useful for our organization."
"Easy to customize and adaptable to any environment."
"Even though we have very small business interests with them today, they see that we plan on growing drastically over the next two years. Therefore, we have excellent support and we are now at a point where we are not calling tech support. We pick up a phone and call the Account Manager and they'll get everything resolved for us. We don't have to queue along with everybody else and go through a long process."
"The product is easy to set up."
"It gives you list of servers, so you can see which users have access to which servers. This is really useful, so we can make sure nobody is getting extra access than what is needed."
"The key benefits are we improve our governance. We ensure we can build more trust in the way we run and operate our environment, and most of all is the accountability."
"We found that the architecture is scalable and very resilient."
"Stability is solid as a rock."
"One of the key things for us about the product is around its simplicity. Being able to put in the technology that allows the business to remove complexity and also allow the security improvements."
"The RDP-gateway: For limiting which server an operator can access."
"Comprehensive coverage of the required features for the PAM solution."
"We can enforce complicated password policies and very important frequent password changes."
 

Cons

"ForgeRock is an open source solution and is available to everyone but it is not freeware. If you need support, you need a subscription for ForgeRock. Many of its functionalities need to be built up with the help of a consultant."
"They should improve the solution by include reporting."
"It should have a better user interface. Its flexibility should also be improved. It is not about simplifying; it is more about flexibility. Each company has its own requirements, and ForgeRock can provide more flexibility in terms of the use of existing modules to implement features for the customers."
"I find that it's quite expensive for just an open-source system. Support is quite expensive."
"The solution could improve by adding more advertising and marketing."
"The solution's deployment should be made easier."
"As with any complex software platform, there is a learning curve to using ForgeRock, and it may require specialized expertise to implement and manage effectively."
"I think the upgrade process is sometimes a little complicated and there are failures that occur."
"I would like this solution to be simpler. It should have a one-click access that works together with AWS."
"It's difficult to locate the reports, there are limits on what reports can be run from the GUI, and the report formats are lacking."
"The service account management functionality needs to be extended to application pools, SQL database, PowerShell scripts, service account discovery, etc."
"The setup is complex."
"They should include some assignments in the test environment to explore the product's features."
"I wish it could create local accounts on desktops."
"What I hope happens with the new product CA PAM is to keep all the useful features that exist in PA, but what I’ve noticed with many new products is the UI gets polished but systems lags stability and performance or it adds additional complexity instead of simplifying the user experience."
"Technical support was good when CA handled it. After Broadcom took over, it's not as good."
 

Pricing and Cost Advice

"We have multiple clients we are looking at right now. We are at a very small number, however, the idea and the goal is to grow. We are looking at about $100,000 and $50,000 a minimum a month cost. That'd be minimum maybe in a couple of years."
"Its price is comparable to other products in the market."
"The license is purchased annually per user. However, you can negotiate if you are signing for a longer period of time. When comparing this solution to others on the market it is priced fair, it is not at the top of the price range or at the bottom end."
"ForgeRock's pricing is more competitive than other products."
"The pricing of the solution is fair but I do not have the full details."
"ForgeRock is an expensive solution."
"Its licensing is on a yearly basis, but it also depends on the contract that you have with the vendor. They have multiple types of contracts. There are additional costs to the standard licensing fees. If you need some of the features, you have to pay more."
"It's a bit pricey and could be more competitive."
"The licensing is simple and scalable."
"They offer per-device, per-user, or monthly and yearly licensing models."
"Don’t go with an agent model. Don’t go with a model that has you buying a thousand different parts. Go with PAM that gives you everything, or you’ll just be paying costs of implementing another tool that PAM would have just given you up front."
"The prices are not low, but one can ask for a discount. It’s not the cheapest PAM solution."
"Cost-wise, CA was better compared to others in the market. ​"
"Appliances are relatively cheap, don’t skimp. Make sure you have redundancy, high availability, and enough appliances to manage the concurrent workload."
"Pricing is fair compared to other top vendors."
"I would prefer better licensing options for the 20-100 users we have at a given time."
report
Use our free recommendation engine to learn which Access Management solutions are best for your needs.
859,957 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
24%
Computer Software Company
12%
Insurance Company
7%
Manufacturing Company
7%
Computer Software Company
17%
Comms Service Provider
13%
Financial Services Firm
13%
Manufacturing Company
11%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ForgeRock?
The most valuable features of ForgeRock are social login and data protection.
What is your experience regarding pricing and costs for ForgeRock?
Our company was considering switching back to Keycloak from ForgeRock, so as to not pay any license fees. ForgeRock also supports M-PIN and biometric features that Keycloak does not provide. My com...
What needs improvement with ForgeRock?
In the past, I saw that Splunk was integrated with a testing portal, and then it was integrated with Slack. I don't think ForgeRock directly supports integrations with Slack, making it an area wher...
What do you like most about Symantec Privileged Access Manager?
We can check the activities in the server for fragile files and documents in case of any issues.
What is your experience regarding pricing and costs for Symantec Privileged Access Manager?
Due to the nature of the solution, it is hard to gauge, but compared to competitors, the pricing is very good. I would rate it as an eight and a half out of ten.
What needs improvement with Symantec Privileged Access Manager?
Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a wizard, where I proceed to the next page and enter more information, is not handl...
 

Also Known As

ForgeRock Identity Platform, ForgeRock OpenIDM
CA PAM, Xceedium Xsuite, CA Privileged Access Manager
 

Overview

 

Sample Customers

Geico, Thomson Reuters, Salesforce, McKesson, Trinet, SKY, BNP Paribas, Deloitte, Capgemini, North Western University
NEOVERA, Telesis, eSoft
Find out what your peers are saying about Microsoft, Auth0, Ping Identity and others in Access Management. Updated: June 2025.
859,957 professionals have used our research since 2012.